BERKELEY, Calif.--(BUSINESS WIRE)--IPfolio,
provider of next-generation Intellectual Property Management solutions,
announced today that it has completed and received its SSAE 18 SOC 2
Type I security certification. This independently audited
certification verifies that IPfolio has the proper internal controls and
processes in place to deliver high-quality, secure IP management
services.

CyberGuard
Compliance performed the audit and testing of IPfolio’s controls,
and the firm validated IPfolio’s process and security controls. In
accordance with SSAE 18 (Statements on Standards for Attestation
Engagements), the SOC2 Type I audit report includes a description of
IPfolio’s internal controls and detailed testing of those controls.

IPfolio is now preparing for its SOC 2 Type II audit which reports on
effectiveness of controls within the company. The company will be
undergoing the Type II certification in Q4 2018 and expects to be
certified by early Q1 2019.

Mark
Bullard, COO of IPfolio, remarked: “Security is top of mind for all
companies as they face real threats and challenges. We pursued the
rigorous SOC 2 Type I audit because it was essential for IPfolio to
demonstrate externally verified security controls for the protection of
our clients, partners and internal stakeholders. Security, privacy, and
performance are fundamental to a successful deployment of any
application, so we take them very seriously. We are now aggressively
pursuing our Type II certification to further advance our commitment to
security.”

IPfolio’s mission is to elevate, educate and empower intellectual
property professionals to optimize IP operations. Headquartered in
Berkeley, California, IPfolio (www.ipfolio.com)
has pioneered truly cloud-based Intellectual Property (IP) Lifecycle
Management for the enterprise since 2012. Built on the Salesforce
Platform for ultimate scalability, performance, flexibility, and
security, IPfolio reduces administrative overhead, allows strategic
visibility into the IP portfolio, and fosters collaboration between all
stakeholders throughout the IP Management process. IPfolio has a diverse
global customer base including over 140 customers in 20 countries,
ranging from Silicon Valley’s most innovative startups to the Fortune
50, and including three of the world’s ten most valuable corporations.
Follow IPfolio on Twitter @IPfolio,
on LinkedIn,
or visit the IPfolio
blog for commentary on intriguing IP topics of the day.

SSAE 18 (often referred to as SSAE 18 or SOC; and previously
known as SSAE 16 or SAS 70) contains the rules for conducting an
attestation of a service organization’s internal controls and issuing a
System and Organization Controls (SOC) report. Service auditors are
required to follow these rules when conducting a SSAE 18 engagement.

The SOC 2 Type I report provides an overview of the company and its
control environment, references to the company’s policies and
procedures, and an opinion on the suitability and design of the controls
in place at time of the audit. Type I reports are typically a stepping
stone toward a SOC 2 Type II report.

SOC 2 Type II

The SOC 2 Type II report details the effectiveness of a company’s
controls. Have the security controls been implemented and are the
employees actually following all of the company’s policies and
procedures? Type II requires a high level of commitment to security. Per
AICPA guidance, SOC 2 reports must cover a period of at least 6 months,
meaning that the Type II report cannot be issued until at least 6 months
after the Type I.

For more information on SSAE 18 and other security reports, visit www.auditlytics.com
and click on the SSAE 18 tab.